Privacy Notice

Maybank Indonesia Privacy Notice

To provide you with products/services, we need your personal data. When you provide us with your personal data, we will do our utmost to protect the privacy of your data, and we would like you to be aware of the following:

Why Do We Need Your Personal Data?

We need your personal data:

• -For identification purpose, and to authenticate communications with, and instructions received from, you;
• To fulfil legal and regulatory requirements obligations;
• For assessing your suitability with our products/services offered;
• For analysis and marketing purposes, so that we can develop and offer better products/services;
• To facilitate our operations, and for processing your transactions, and instructions.

What Types Of Personal Data Do We Collect About You?

We will collect data that will enable us to:

• Identify you (e.g. name, identification numbers, DOB);
• Keep in contact with you (e.g. address, contact numbers);
• Assess your profile (e.g. employment details);
• Fulfill our legal and regulatory obligations; e.g. reporting obligations;
• Record details of your transactions/communications with us; e.g. voice/video recordings, biometric data, data from the internet and mobile applications.

With Whom Do We Share Your Data?

Subject to compliance with legal and regulatory obligations, your personal data will be shared:

• Within the Maybank Group of companies;
• With law enforcement agencies and regulatory bodies, with whom we are obliged to do so under certain circumstances;
• When doing so is necessary to protect your interests and when obtaining your consent prior to doing so is not practicable;
• With third parties with whom we have contracted with to provide certain services. These third parties are required to observe the same privacy
  standards that we have; and
• With parties with whom we have obtained your consent to share.

While we may share your data within the Maybank Group of companies and with certain strategic partners for the purpose of introducing products and services which we believe may be beneficial to you, we will not contact you for marketing purposes unless you have expressed your consent for us to do so. We also wish to assure you that we will not sell your personal data to any third party.

Where Do We Collect Your Data From?

Your personal data with us is obtained from various sources. This includes:

• Information provided by you or sources authorised by you;
• Information obtained from legally and publicly available sources;
• Information released to us by the authorities;
• Biometrics, digital footprints, geolocations, video images and voice - recordings obtained during your interaction with us, whether physically or through digital channels.

How Do We Safeguard Your Personal Data?

We will do our utmost to protect the privacy of your data, be it in physical or digital form. This includes having in place procedures and security measures that meet international best practices. These measures are regularly reviewed to ensure that they are effective and adequate. All our staff members and authorized third parties will be required to comply with these measures and practices. We are obliged to immediately act in writing to you on any privacy data protection that is not in accordance with the applicable policy.

What Are Your Rights, As The Provider Of Your Data To Us?

You have the rights to request access to the personal data that you have provided to us. However, there may be a cost involved, depending on the nature of the data requested.

You also have the rights to withdraw your consent for us to process the personal data provided by you. However, the withdrawal of your consent may affect the products/services that we can extend to you.

You may also change or correct the personal data that you have provided to us. Please contact us if there are changes to your personal data, or if you believe that the personal data we have about you is inaccurate, incomplete, misleading or outdated.

You can contact us by visiting any of our branches or call our Customer Care Hotline at 1500611 or +6221 78869811 if you are overseas.

Updates To This Privacy Statement

We may update this Privacy Statement from time to time. Please review periodically of this Privacy Statement to stay informed on how we are protecting your information.

We provide the Privacy Statement in both English and Bahasa Indonesia In case of any inconsistency between these two, the English version shall prevail. In case there are inconsistencies on how we collect or use your personal data between this Privacy Statement and the terms and conditions of your specific product or service or other contractual documents, the terms and conditions of your specific product or service or other contractual documents shall prevail.

This Privacy Statement was last updated in February 2022.

Security Statement

Security standards employed by us - and what you can do to stay safe online

PT Bank Maybank Indonesia Tbk (hereinafter referred to as “Maybank”) is highly committed to ensuring that all transactions performed through our online financial service are secure, safe and confidential. For this purpose, we enforce privacy protection control systems designed to ensure the highest security standards and confidentiality.

Username and Password

• Information Protection
• Data Confidentiality and Data Integrity
• System Security and Monitoring
• Computer Virus Protection
• Updating Your Browser
• Security Tips

Username and Password

To prevent unauthorised access to our online financial services, every customer is required to select a username and an alphanumeric password, which provides access to their financial information. The username must be between 6 to 20 characters and the alphanumeric password between 8 to 20 characters. The password must include both alphabets and numbers, with special characters # $ & and space as exceptions.
The username and alphanumeric password are case sensitive. For example, if your password is "fuNNySAD2B" and you key in "fuNNySAD2b", you will not be able to login (the "b" must be uppercase).

Here are some tips to ensure the integrity of your username and password:

• Do not choose a password that others can easily guess.
• Do not use simple words, your name, birth date, telephone number or names listed in a standard dictionary.
• Memorise your password and do not write it down.
• Passwords or PINs should be used when accessing an online account to protect your personal information.
• Sharing your password or PIN with another person is the same as giving that individual authority to use your name in a transaction. It should not be disclosed even if requested by an authorised Maybank Officer.
• Change your password frequently.

Information Protection

While we take considerable effort to ensure a safe and secure online experience, we have no control over the device you use to access Maybank2u ID. As an added security feature, we have incorporated an automatic log out function if no activity is detected after a preset time limit.

However, you must ensure you do not provide anyone the opportunity to gain access to your account information:

• Ensure no one has access to your device or records your online activities.
• Always log out Maybank2u ID immediately after completing transactions.
• Do not send any information about your account via e-mail.
• Disable the AutoComplete function on your device to avoid automatic completion of your ID when you type in User ID.

Data Confidentiality and Data Integrity

An SSL certificate offers trust and authentication to your website.

Systems security and monitoring

Maybank has adopted a combination of the following systems security and monitoring measures for online transactions:

• Firewall systems, strong data encryption, anti-virus protection and round-the-clock security surveillance systems to detect and prevent any form of illegitimate activities on our network systems.
• Regular security reviews of our systems by our internal System Auditor as well as external security experts.
• When you have a broadband connected to the Internet (always-on connection), consider installing a personal firewall. At a minimum, power-off your PC when not in use.
• We also take every effort in ensuring collaboration with major vendors/manufacturers to keep abreast of information security technology developments, for possible and future implementation.

Computer Virus Protection

Computer viruses are real and once your computer is infected it can cost you time, loss of information, repair expense, and aggravation. Make sure your computer/device has an anti-virus protection program installed to reduce the risk.

We recommend that you purchase a program that automatically upgrades your virus protection on a recurring basis. If you currently have a virus protection program on your computer without the automatic upgrade feature, make sure you update your virus detection program at least monthly and/or when you hear of a new virus to minimise your risk. You can do this by visiting the Internet site of the company that provides your software.

In addition, we advise you not to open attachments from others unless you are absolutely certain you can trust the source. However, it's best to be cautious. Whoever sent you that attachment may not know that they have carried the virus to you.

Updating your app/browser

• Always update your app/browser when new versions are released because they often include new security features.
• Check your app/browser for built-in safety features that you may or may not elect to use.
• Do not install unnecessary extensions or plugins to the web browser.
• Regularly clear all the cache, cookies and temporary files from the app/browser history.
• It is a good practice to always check the site certificate before login.

Security Tips

Protect Yourself and Your Information Online
10 easy ways to protect yourself:

• Do not share your password with friends, relatives or anyone. Your password and PIN are designed to protect the privacy of your banking information. They will only work if you keep them private.
• Change your password frequently. If you think your password has been compromised, contact us to reset your password.
• Don't use the "remember password" function because this information can be easily accessed by hackers.
• Do not provide your account details or passwords in response to an e-mail or by phone. A bank officer will never ask for this information.
• Don't open suspicious e-mail attachments.
• Avoid downloading free programs. These may incorporate hacker-friendly software.
• Always log out of Maybank2u ID immediately after completing transactions.
• Clear your cache (information stored in your computer memory) each time you log out.

If you have queries about any e-mail from Maybank or are suspicious that someone may be trying to get your PIN or account information under false pretenses, contact our Call Center 1500611 immediately.